SEV-ES
by AMD
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26406 | 0.00 | — | 0.00 | May 9, 2023 | Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service. | |||
| CVE-2021-26324 | 0.00 | — | 0.00 | May 10, 2022 | A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. | |||
| CVE-2021-26332 | 0.00 | — | 0.00 | May 10, 2022 | Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. | |||
| CVE-2021-26311 | 0.00 | — | 0.02 | May 13, 2021 | In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has… | |||
| CVE-2020-12967 | 0.00 | — | 0.02 | May 13, 2021 | The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. |
- CVE-2021-26406May 9, 2023risk 0.00cvss —epss 0.00
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.
- CVE-2021-26324May 10, 2022risk 0.00cvss —epss 0.00
A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.
- CVE-2021-26332May 10, 2022risk 0.00cvss —epss 0.00
Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.
- CVE-2021-26311May 13, 2021risk 0.00cvss —epss 0.02
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has…
- CVE-2020-12967May 13, 2021risk 0.00cvss —epss 0.02
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.